Hacker pockets $5.6 million in 51% Ethereum Classic attack
Last Updated on 6 August 2020 by CryptoTips.eu
Analysis reveals that the recent reorganization of the Ethereum Classic (ETC) blockchain was actually a carefully orchestrated 51% attack. The malicious miner managed to double expenses by more than 800,000 (ETC), or the equivalent of approximately $ 5.8 million.
A well-executed attack
The attack on 51% of the Ethereum Classic blockchain was by no means a mistake contrary to what some believed. The attack took place between July 31 and August 1. However, it was not detected for several days, due to complex planning on the part of the miner.
Bitquery, a blockchain data intelligence firm, has released a detailed analysis that explains how the operation went. The miner started his operation by sending ETCs from a platform to his own wallets, to then send these funds back to the platform.
Using more than 51% of the hash power of the Ethereum Classic blockchain, the attacker managed to mine over 4,000 blocks. He then created private transactions that sent ETCs to the wallets under his control and inserted those transactions into the blocks he was mining.
The miner spent more than 12 hours sending the ETCs to an exchange to convert them into other cryptocurrencies. The long duration of the attack allowed the attacker to divide the sales of ETCs into numerous operations to avoid suspicion.
Finally, he released the blocks containing transfers to his wallets to reorganize the blockchain, with the aim of replacing the actual blocks with those he had just created. After the malicious blocks were introduced to the Ethereum Classic blockchain, the ledger indicated that transactions sending ETC from the attacker’s wallets to the exchange never took place.
Bitquery’s analysis estimates that the attacker collected 807,260 ETCs, and spent around 17.5 bitcoins (BTC) worth $ 192,000 at the time of the incident. These BTCs were used to lease hash power from vendors on Nicehash.
Bitquery concludes by saying that OKEX is likely the exchange targeted by the double-spending attack. A theory shared by Victor Fang, CEO of Anchain.ai, another blockchain monitoring firm.
A risk too often forgotten
The risk of a 51% attack happening on blockchains with a low has hrate is real. Getting over 51% hash power is not as difficult as it used to be for some networks, which have been put aside by miners.
Changpeng Zhao, CEO of Binance, shared his thoughts on the situation:
Unpopular opinion: blockchains are not immutable. Nothing is 100% sure. Better to be transparent about these risks than to hide them or talk about them in a taboo way. Education is the best protection.
The official Ethereum Classic Twitter account has also called on the various blockchain players to take certain measures:
In light of recent network attacks, it's recommended that all exchanges, mining pools, and other ETC service providers significantly raise confirmation times on all deposits and incoming transactions. @okex @binance @HuobiGlobal @hitbtc @coinbase @digifinex @etherchain_org
— Ethereum Classic (@eth_classic) August 6, 2020